Add v3.9 support

playbooks/byo/openshift-cluster/upgrades/v3_8/README.md

@@ -1,4 +1,4 @@
-# v3.6 Major and Minor Upgrade Playbook
+# v3.8 Major and Minor Upgrade Playbook
 
 ## Overview
 This playbook currently performs the following steps.

playbooks/byo/openshift-cluster/upgrades/v3_9/README.md

@@ -0,0 +1,20 @@
+# v3.9 Major and Minor Upgrade Playbook
+
+## Overview
+This playbook currently performs the following steps.
+
+ * Upgrade and restart master services
+ * Unschedule node
+ * Upgrade and restart docker
+ * Upgrade and restart node services
+ * Modifies the subset of the configuration necessary
+ * Applies the latest cluster policies
+ * Updates the default router if one exists
+ * Updates the default registry if one exists
+ * Updates image streams and quickstarts
+
+## Usage
+
+```
+ansible-playbook -i ~/ansible-inventory openshift-ansible/playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade.yml
+```

playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade.yml

@@ -0,0 +1,5 @@
+---
+#
+# Full Control Plane + Nodes Upgrade
+#
+- include: ../../../../common/openshift-cluster/upgrades/v3_9/upgrade.yml

playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml

@@ -0,0 +1,14 @@
+---
+#
+# Control Plane Upgrade Playbook
+#
+# Upgrades masters and Docker (only on standalone etcd hosts)
+#
+# This upgrade does not include:
+# - node service running on masters
+# - docker running on masters
+# - node service running on dedicated nodes
+#
+# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
+#
+- include: ../../../../common/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml

playbooks/byo/openshift-cluster/upgrades/v3_9/upgrade_nodes.yml

@@ -0,0 +1,7 @@
+---
+#
+# Node Upgrade Playbook
+#
+# Upgrades nodes only, but requires the control plane to have already been upgraded.
+#
+- include: ../../../../common/openshift-cluster/upgrades/v3_9/upgrade_nodes.yml

playbooks/common/openshift-cluster/upgrades/v3_9/filter_plugins

@@ -0,0 +1 @@
+../../../../../filter_plugins/

playbooks/common/openshift-cluster/upgrades/v3_9/master_config_upgrade.yml

@@ -0,0 +1,20 @@
+---
+- modify_yaml:
+    dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
+    yaml_key: 'controllerConfig.election.lockName'
+    yaml_value: 'openshift-master-controllers'
+
+- modify_yaml:
+    dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
+    yaml_key: 'controllerConfig.serviceServingCert.signer.certFile'
+    yaml_value: service-signer.crt
+
+- modify_yaml:
+    dest: "{{ openshift.common.config_base}}/master/master-config.yaml"
+    yaml_key: 'controllerConfig.serviceServingCert.signer.keyFile'
+    yaml_value: service-signer.key
+
+- modify_yaml:
+    dest: "{{ openshift.common.config_base }}/master/master-config.yaml"
+    yaml_key: servingInfo.clientCA
+    yaml_value: ca.crt

playbooks/common/openshift-cluster/upgrades/v3_9/roles

@@ -0,0 +1 @@
+../../../../../roles/

playbooks/common/openshift-cluster/upgrades/v3_9/upgrade.yml

@@ -0,0 +1,142 @@
+---
+#
+# Full Control Plane + Nodes Upgrade
+#
+- include: ../init.yml
+  tags:
+  - pre_upgrade
+
+- name: Configure the upgrade target for the common upgrade tasks
+  hosts: oo_all_hosts
+  tags:
+  - pre_upgrade
+  tasks:
+  - set_fact:
+      openshift_upgrade_target: '3.9'
+      openshift_upgrade_min: '3.7'
+
+# Pre-upgrade
+
+- include: ../initialize_nodes_to_upgrade.yml
+  tags:
+  - pre_upgrade
+
+- include: ../pre/verify_etcd3_backend.yml
+  tags:
+  - pre_upgrade
+
+- name: Update repos and initialize facts on all hosts
+  hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config:oo_lb_to_config
+  tags:
+  - pre_upgrade
+  roles:
+  - openshift_repos
+
+- name: Set openshift_no_proxy_internal_hostnames
+  hosts: oo_masters_to_config:oo_nodes_to_upgrade
+  tags:
+  - pre_upgrade
+  tasks:
+  - set_fact:
+      openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
+                                                    | union(groups['oo_masters_to_config'])
+                                                    | union(groups['oo_etcd_to_config'] | default([])))
+                                                | oo_collect('openshift.common.hostname') | default([]) | join (',')
+                                                }}"
+    when:
+    - openshift_http_proxy is defined or openshift_https_proxy is defined
+    - openshift_generate_no_proxy_hosts | default(True) | bool
+
+- include: ../pre/verify_inventory_vars.yml
+  tags:
+  - pre_upgrade
+
+- include: ../pre/verify_health_checks.yml
+  tags:
+  - pre_upgrade
+
+- include: ../pre/verify_control_plane_running.yml
+  tags:
+  - pre_upgrade
+
+- include: ../disable_master_excluders.yml
+  tags:
+  - pre_upgrade
+
+- include: ../disable_node_excluders.yml
+  tags:
+  - pre_upgrade
+
+- include: ../../../../init/version.yml
+  tags:
+  - pre_upgrade
+  vars:
+    # Request specific openshift_release and let the openshift_version role handle converting this
+    # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
+    # defined, and overriding the normal behavior of protecting the installed version
+    openshift_release: "{{ openshift_upgrade_target }}"
+    openshift_protect_installed_version: False
+
+    # We skip the docker role at this point in upgrade to prevent
+    # unintended package, container, or config upgrades which trigger
+    # docker restarts. At this early stage of upgrade we can assume
+    # docker is configured and running.
+    skip_docker_role: True
+
+- include: ../../../../openshift-master/private/validate_restart.yml
+  tags:
+  - pre_upgrade
+
+- name: Verify upgrade targets
+  hosts: oo_masters_to_config:oo_nodes_to_upgrade
+  tasks:
+  - include: ../pre/verify_upgrade_targets.yml
+  tags:
+  - pre_upgrade
+
+- name: Verify docker upgrade targets
+  hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
+  tasks:
+  - include: ../pre/tasks/verify_docker_upgrade_targets.yml
+  tags:
+  - pre_upgrade
+
+- include: validator.yml
+  tags:
+  - pre_upgrade
+
+- include: ../pre/gate_checks.yml
+  tags:
+  - pre_upgrade
+
+# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
+
+# Separate step so we can execute in parallel and clear out anything unused
+# before we get into the serialized upgrade process which will then remove
+# remaining images if possible.
+- name: Cleanup unused Docker images
+  hosts: oo_masters_to_config:oo_nodes_to_upgrade:oo_etcd_to_config
+  tasks:
+  - include: ../cleanup_unused_images.yml
+
+- include: ../upgrade_control_plane.yml
+  vars:
+    master_config_hook: "v3_7/master_config_upgrade.yml"
+
+# All controllers must be stopped at the same time then restarted
+- name: Cycle all controller services to force new leader election mode
+  hosts: oo_masters_to_config
+  gather_facts: no
+  tasks:
+  - name: Stop {{ openshift.common.service_type }}-master-controllers
+    systemd:
+      name: "{{ openshift.common.service_type }}-master-controllers"
+      state: stopped
+  - name: Start {{ openshift.common.service_type }}-master-controllers
+    systemd:
+      name: "{{ openshift.common.service_type }}-master-controllers"
+      state: started
+
+- include: ../upgrade_nodes.yml
+
+- include: ../post_control_plane.yml

playbooks/common/openshift-cluster/upgrades/v3_9/upgrade_control_plane.yml

@@ -0,0 +1,144 @@
+---
+#
+# Control Plane Upgrade Playbook
+#
+# Upgrades masters and Docker (only on standalone etcd hosts)
+#
+# This upgrade does not include:
+# - node service running on masters
+# - docker running on masters
+# - node service running on dedicated nodes
+#
+# You can run the upgrade_nodes.yml playbook after this to upgrade these components separately.
+#
+- include: ../init.yml
+  tags:
+  - pre_upgrade
+
+- name: Configure the upgrade target for the common upgrade tasks
+  hosts: oo_all_hosts
+  tags:
+  - pre_upgrade
+  tasks:
+  - set_fact:
+      openshift_upgrade_target: '3.9'
+      openshift_upgrade_min: '3.7'
+
+# Pre-upgrade
+- include: ../initialize_nodes_to_upgrade.yml
+  tags:
+  - pre_upgrade
+
+- include: ../pre/verify_etcd3_backend.yml
+  tags:
+  - pre_upgrade
+
+- name: Update repos on control plane hosts
+  hosts: oo_masters_to_config:oo_etcd_to_config:oo_lb_to_config
+  tags:
+  - pre_upgrade
+  roles:
+  - openshift_repos
+
+- name: Set openshift_no_proxy_internal_hostnames
+  hosts: oo_masters_to_config:oo_nodes_to_upgrade
+  tags:
+  - pre_upgrade
+  tasks:
+  - set_fact:
+      openshift_no_proxy_internal_hostnames: "{{ hostvars | oo_select_keys(groups['oo_nodes_to_config']
+                                                    | union(groups['oo_masters_to_config'])
+                                                    | union(groups['oo_etcd_to_config'] | default([])))
+                                                | oo_collect('openshift.common.hostname') | default([]) | join (',')
+                                                }}"
+    when:
+    - openshift_http_proxy is defined or openshift_https_proxy is defined
+    - openshift_generate_no_proxy_hosts | default(True) | bool
+
+- include: ../pre/verify_inventory_vars.yml
+  tags:
+  - pre_upgrade
+
+- include: ../pre/verify_health_checks.yml
+  tags:
+  - pre_upgrade
+
+- include: ../pre/verify_control_plane_running.yml
+  tags:
+  - pre_upgrade
+
+- include: ../disable_master_excluders.yml
+  tags:
+  - pre_upgrade
+
+- include: ../../../../init/version.yml
+  tags:
+  - pre_upgrade
+  vars:
+    # Request specific openshift_release and let the openshift_version role handle converting this
+    # to a more specific version, respecting openshift_image_tag and openshift_pkg_version if
+    # defined, and overriding the normal behavior of protecting the installed version
+    openshift_release: "{{ openshift_upgrade_target }}"
+    openshift_protect_installed_version: False
+
+    # We skip the docker role at this point in upgrade to prevent
+    # unintended package, container, or config upgrades which trigger
+    # docker restarts. At this early stage of upgrade we can assume
+    # docker is configured and running.
+    skip_docker_role: True
+
+- include: ../../../../openshift-master/private/validate_restart.yml
+  tags:
+  - pre_upgrade
+
+- name: Verify upgrade targets
+  hosts: oo_masters_to_config
+  tasks:
+  - include: ../pre/verify_upgrade_targets.yml
+  tags:
+  - pre_upgrade
+
+- name: Verify docker upgrade targets
+  hosts: oo_masters_to_config:oo_etcd_to_config
+  tasks:
+  - include: ../pre/tasks/verify_docker_upgrade_targets.yml
+  tags:
+  - pre_upgrade
+
+- include: validator.yml
+  tags:
+  - pre_upgrade
+
+- include: ../pre/gate_checks.yml
+  tags:
+  - pre_upgrade
+
+# Pre-upgrade completed, nothing after this should be tagged pre_upgrade.
+
+# Separate step so we can execute in parallel and clear out anything unused
+# before we get into the serialized upgrade process which will then remove
+# remaining images if possible.
+- name: Cleanup unused Docker images
+  hosts: oo_masters_to_config:oo_etcd_to_config
+  tasks:
+  - include: ../cleanup_unused_images.yml
+
+- include: ../upgrade_control_plane.yml
+  vars:
+    master_config_hook: "v3_7/master_config_upgrade.yml"
+
+# All controllers must be stopped at the same time then restarted
+- name: Cycle all controller services to force new leader election mode
+  hosts: oo_masters_to_config
+  gather_facts: no
+  tasks:
+  - name: Stop {{ openshift.common.service_type }}-master-controllers
+    systemd:
+      name: "{{ openshift.common.service_type }}-master-controllers"
+      state: stopped
+  - name: Start {{ openshift.common.service_type }}-master-controllers
+    systemd:
+      name: "{{ openshift.common.service_type }}-master-controllers"
+      state: started
+
+- include: ../post_control_plane.yml